Traditional data channel transmission techniques include, for example, data channel multicasting, which may be employed in a digital networking system, such as, for example, a digital subscriber line access multiplexer (DSLAM) network. A DSLAM network provides an end user, at a terminal or other endpoint, with the ability to switch between streams of data, or data channels, received from an upstream source. A DSLAM network is typically designed to accommodate a variety of different types of data channels, such as, for example, a number of video channels as well as channels associated with user data, voice and gaming traffic. The endpoints of a DSLAM network are customer premises equipment (CPE) devices, such as, for example, modems, set top boxes (STBs) or other processing devices, at a residence or business. A DSLAM network enables the delivery of any of the available video channels to an end user while simultaneously allowing the end user to use the data, voice and gaming channels.
An end user may select one video channel from a set of channels that are broadcasting at a given time, for example, by interacting with an STB using a remote control. An Internet group multicast protocol (IGMP) signal has traditionally been used to effect this channel selection by sending an IGMP control message from the CPE device of the end user through the DSLAM network and to a broadband remote access server (B-RAS). The channel selection is conveyed upstream in order to effect the switch to a newly selected channel. Since the signal has to travel from the CPE device and through the network to the B-RAS, a great number of messages may be traveling through the network at any given time. In DSLAM applications utilizing a central office (CO), the CO in the network polls for IGMP control messages. Because a CO may support a large number of CPEs, IGMP consolidation presents a significant challenge to the efficiency of the system.
If the CPEs that generate the IGMP messages are compromised via software virus infection or hardware malfunction, they may be orchestrated to send endless IGMP messages, overwhelming the B-RAS. A Denial of Service (DoS) attack aims to prevent legitimate users from obtaining services from desired resources by flooding the network with unwanted malicious traffic. This flooding overloads the service provider, thereby preventing services from being delivered. In a Distributed Denial of Service (DDoS) attack, the attack process takes over several devices on the network and coordinates them to attack the targeted network at the same time.
In the case of Internet protocol television (IPTV), malicious CPEs could be forced to send out endless IGMP join/leave messages upstream as if individual TV viewers were switching channels continuously. Such an IGMP flood attack from malicious CPEs can overwhelm the network. Classic DDoS scenarios disrupt traffic flow on the network and deny services that the end user is paying for. In networks that handle voice, video and data using a single network infrastructure, this vulnerability can disrupt all three services at the same time.
Conventional techniques fail to adequately address this problem of a DoS attack on such a digital networking system. Thus, in order to prevent DoS scenarios, techniques for monitoring and limiting control messages are needed.
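One way to monitor and limit upstream IGMP join/leave messages per CPE is a token bucket applied at the access node, shown here as an added example that is not taken from this document or any product. The class and function names, the rate, burst and alarm thresholds, the CPE identifiers and the event list are all assumptions constructed for illustration.

```python
from collections import defaultdict

class IgmpPolicer:
    """Per-CPE token bucket for upstream IGMP join/leave messages (hypothetical)."""

    def __init__(self, rate_per_s=2.0, burst=5, alarm_drops=20):
        self.rate = rate_per_s          # sustained messages/second allowed per CPE
        self.burst = burst              # headroom for a viewer zapping quickly
        self.alarm_drops = alarm_drops  # drops after which a CPE is reported
        self.tokens = defaultdict(lambda: float(burst))
        self.last_seen = {}
        self.dropped = defaultdict(int)

    def allow(self, cpe, now):
        """Return True if this message may be forwarded toward the B-RAS."""
        elapsed = now - self.last_seen.get(cpe, now)
        self.last_seen[cpe] = now
        # Refill in proportion to elapsed time, never above the burst size.
        self.tokens[cpe] = min(self.burst, self.tokens[cpe] + elapsed * self.rate)
        if self.tokens[cpe] >= 1.0:
            self.tokens[cpe] -= 1.0
            return True
        self.dropped[cpe] += 1          # excess message is discarded locally
        return False

    def suspects(self):
        """CPEs whose drop count suggests infection or malfunction."""
        return sorted(c for c, n in self.dropped.items() if n >= self.alarm_drops)


def run(events, **kwargs):
    """Police (timestamp, cpe, msg_type) events; return forwarded, dropped, suspects."""
    policer = IgmpPolicer(**kwargs)
    forwarded = defaultdict(int)
    for ts, cpe, _msg in events:
        if policer.allow(cpe, ts):
            forwarded[cpe] += 1
    return dict(forwarded), dict(policer.dropped), policer.suspects()


def sample_events():
    # Constructed input: cpe-A changes channel 4 times in 10 s;
    # cpe-B alternates join/leave at 100 messages/s for 2 s.
    viewer = [(t, "cpe-A", "join") for t in (0.0, 3.0, 6.0, 9.0)]
    flood = [(i * 0.01, "cpe-B", "join" if i % 2 == 0 else "leave")
             for i in range(200)]
    return sorted(viewer + flood)
```

Because the bucket is keyed per CPE, the flooding device exhausts only its own allowance, and the ordinary viewer's channel changes are still forwarded.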